Closed zlgxzswjy closed 2 years ago
You need to post build.py's output here
Thank you for your reply: build agent's output is here:
┌──(root💀kali)-[~/Desktop/tools/emp3r0r/core]
└─# ./build.py agent -y
Choosing 'yes' for 'Use cached CC address (172.16.250.128)?'
CC status indicator URL (leave empty to disable):
Choosing 'yes' for 'Use cached agent proxy ()?'
Choosing 'yes' for 'Use cached CDN server ()?'
Choosing 'yes' for 'Use cached DoH server ()?'
Choosing 'yes' for 'Use autoproxy (will enable UDP broadcasting)'
Using cached CA cert (-----BEGIN CERTIFICATE-----[...]-----END CERTIFICATE-----
),
make sure you have the coresponding keypair signed by it
[*] Copying CC keypair to ./build
Copy ./tls/emp3r0r-cert.pem to ./build
Copy ./tls/emp3r0r-key.pem to ./build
GO BUILD starts...
GO BUILD ends...
./build/agent-0fcc0432-6202-11ec-b94c-000c295083c9 generated
run cryptor.exe
2021/12/21 10:02:34 ELF size: 10813440 bytes
2021/12/21 10:02:36 ELF compressed: 3835002 bytes (0.35%)
2021/12/21 10:02:36 ./agent has been packed as ./agent.packed.exe
Ultimate Packer for eXecutables
Copyright (C) 1996 - 2020
UPX 3.96 Markus Oberhumer, Laszlo Molnar & John Reiser Jan 23rd 2020
File size Ratio Format Name
-------------------- ------ ----------- -----------
5776558 -> 4640024 80.33% linux/amd64 agent-0fcc0432-6202-11ec-b94c-000c295083c9
Packed 1 file.
./build/agent-0fcc0432-6202-11ec-b94c-000c295083c9 packed
┌──(root💀kali)-[~/Desktop/tools/emp3r0r/core]
└─# ./build/agent-0fcc0432-6202-11ec-b94c-000c295083c9
2021/12/21 10:03:36 Decompress ELF: gzip: invalid header
Thank you, I can reproduce this, a fix will be updated soon
That's great!
https://github.com/jm33-m0/emp3r0r/blob/5bd87ed9701db1b35c675ba539f7f998c5fd3ecd/core/build.py#L169
Looks like upx somehow messes with my existing compression, for now I will disable upx in build.py to mitigate this issue
Okay, let me try it first. I'll wait for you to solve it completely.
Testing on
Kali Linux kali 5.14.0-kali4-amd64 #1 SMP Debian 5.14.16-1kali1 (2021-11-05) x86_64 GNU/Linux
I used ./build.py agent -y to generate an agent, but when I ran ./build/agent_[md5], I got an error: Decompress ELF: gzip: invalid header